Sensible Security Strategies for
SMBs"> John Norman, a systems engineer at Advanced Systems Group, followed Grieves presentation. Norman, who focused on sensible security strategies for SMBs, said that perhaps the biggest problem SMBs face in developing a security strategy is one of prioritization.In determining these priorities, Norman noted that it may not be feasible to protect some of a companys assets and to weigh security costs against the time, money and convenience required. SMBs may need to hire consultants to obtain expertise and outsource such services as regular audits and firewall maintenance, he said. Meanwhile, Forrester Research analyst Paul Stamp discussed data his group has collected about the importance of security among SMBs. According to Stamp, about 28 percent of North American SMBs spend between 2 percent and 4 percent of their budgets on IT security, while another 28 percent spent less than 2 percent. In addition, about 12 percent of decision-makers for the SMBs Stamp surveyed "didnt know" how much their companies spent on security. Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.
To determine a businesss priorities, Norman recommended that SMB decision-makers identify the assets they need to protect, such as customer data, financial and banking information and employee records; identify from whom they need to protect such data, determining the source of major security threats; and set priorities for their strategies.